Field of the Invention
This invention relates generally to the field of data processing systems. More particularly, the invention relates to a system and method for biometric authentication with device attestation.
Description of Related Art
Existing systems have been designed for providing secure user authentication over a network using biometric sensors. For example, Patent Application No. 2011/0082801 (“'801 Application”) describes a framework for user registration and authentication on a network which provides strong authentication (e.g., protection against identity theft and phishing), secure transactions (e.g., protection against “malware in the browser” and “man in the middle” attacks for transactions), and enrollment/management of client authentication tokens (e.g., fingerprint readers, facial recognition devices, smartcards, trusted platform modules, etc).
Biometric sensors have been used for local computer authentication for years in commercial off-the-shelf computer systems such as Lenovo® Thinkpads® and HP® Elite Books®. Biometric sensors integrated into these computer systems typically can rely on the integrity of the computer system as convenience as opposed to attack resistance is their primary goal. Additionally commercial computer systems typically aren't robust against physical tampering at all. So adding physical protection for the fingerprint sensor alone hasn't been a priority.
While biometric devices have been used for remote authentication to certain applications, strict organizational methods have been required to protect the integrity of biometric systems. For example, these biometric systems are typically sealed and their interface to computer systems is accessible only to authorized and trusted personnel (e.g., a trusted individual or group which ensures that a known acceptable biometric device is used and is not tampered with).
With the increased adoption of cloud services, a new use case for biometric authentication has evolved, i.e., biometric-based authentication to cloud services. In this case, at least the biometric sensor may be attached to an unsupervised machine. This unsupervised case has two important consequences:                a) The biometric device should have integrated anti-spoofing methods (i.e. detection of fake biometrics) as there is no supervisor checking the system is not being spoofed; and        b) The machine's and the biometric device's integrity cannot be assumed to be protected by external methods and hence need their own shielding mechanisms.        
The need for (a) is well identified and addressed by the research community (Murali Mohan Chakka, 2011) (Marcialis, 2009) (Umut Uludag, Anil K. Jain; Department of Computer Science and Engineering, Michigan State University). However, techniques for (b) have yet to be fully developed. In particular, there are currently no standardized techniques for an Application to determine whether it is communicating with a real biometric device or with a piece of malware. Additionally, no acceptable techniques exist for a remote relying party such as a cloud service to determine whether a request to access the service is being sent by a trusted Application or by malware.
FIG. 1 illustrates an exemplary client 120 with a biometric device 100. When operated normally, a biometric sensor 102 reads raw biometric data from the user (e.g., capture the user's fingerprint, record the user's voice, snap a photo of the user, etc) and a feature extraction module 103 extracts specified characteristics of the raw biometric data (e.g., focusing on certain regions of the fingerprint, certain facial features, etc). A matcher module 104 compares the extracted features 133 with biometric reference data 110 stored in a secure storage on the client 120 and generates a score 135 based on the similarity between the extracted features and the biometric reference data 110. The biometric reference data 110 is typically the result of an enrollment process in which the user enrolls a fingerprint, voice sample, image or other biometric data with the device 100. An application 105 may then use the score 135 to determine whether the authentication was successful (e.g., if the score is above a certain specified threshold).
An attacker may target various locations 130-136 within the biometric pipeline. At 130, for example, the attacker may submit fake biometric data to the biometric sensor 102 (e.g., submitting a recording of the user's voice or a photo of the user's fingerprint). At 131, the attacker may re-submit an old signal containing previously-captured features to the feature extraction module 103 or, at 132, may override the feature extraction function entirely. At 133, the attacker may tamper with feature representation provided to the matcher 104 or, at 134, may override the matching function. At 136, the attacker may provide forged biometric reference data to the matcher 104 or, at 135, may provide a forged score to the application 105. Thus, as illustrated in FIG. 1, there are numerous locations within the biometric pipeline which may be susceptible to targeting by an attacker.